HIPAA Violations with Paper Records by Business Associate and Sub-Contractor
Four Massachusetts community hospitals are investigating how thousands of patient health records, some containing Social Security numbers and sensitive medical diagnoses, ended up in a pile at a public dump. The unshredded records included pathology reports with patients’ names, addresses, and results of breast, bone, and skin cancer tests, as well as the results of lab work following miscarriages. By Liz Kowalczyk Globe Staff / August 13, 2010
Information Security and Privacy Compliance Work Plan by Rebecca Herold, The Privacy Professor
The following is a high-level work plan to create an information security and privacy program to meet compliance with HIPAA, HITECH and other regulatory and contractual requirements. The areas listed will vary depending upon the organization’s business model, size, number of geographic locations, other applicable legal requirements, and any other unique factors. Each organization should use this as a starting point and change appropriately for its own unique business situation.
Business Associates Must Comply with Ther HIPAA Contracts, Now!
"Holding a business associate contractually liable, not only for improper uses and disclosures of PHI, but also for compliance with all other requirements of the Privacy Rule that pertain to the performance of the business associate's contract" Reinhart Boerner Van Deuren SC
44% of CIOs say Business Associates Not Ready for "Meaningful Use":Pricewaterhouse Coopers Study Shows
44% of CIOs say they are concerned that the external vendors they rely on in health information exchanges are not prepared for meaningful use implementation according to a survey done by Pricewaterhouse Coopers.
Business Associates Liable for Breach of Their Business Associate Agreements, Effective February 17, 2010
Consequently, effective Feb. 18, 2010, the HITECH Act makes business associates both contractually liable to a covered entity for breach of the business associate agreement with the covered entity and civilly and criminally liable to the government for violations of those Security Rule requirements and the Privacy Rule's business associate agreement requirements.
OCR Issues Proposed Modifications to HIPAA Privacy and Security Rules
Subscribe via RSSCategories
- HIPAA HITECH Act
- HIPAA Covered Entity
- HIPAA Business Associates
- Health Information Privacy
- HIPAA Compliance Online Software
- HIPAA Compliant Checklist
Recent Blog Posts
- HIPAA Violations with Paper Records by Business Associate and Sub-Contractor
- Information Security and Privacy Compliance Work Plan by Rebecca Herold, The Privacy Professor
- Business Associates Must Comply with Ther HIPAA Contracts, Now!
- 44% of CIOs say Business Associates Not Ready for "Meaningful Use":Pricewaterhouse Coopers Study Shows
- Business Associates Liable for Breach of Their Business Associate Agreements, Effective February 17, 2010
- Do Note Breach Business Associate Agreements:Ford & Harrison LLP, Daniel Sulton
- more from the blog
